[Phpmyadmin-devel] testing bookmarks
Marc Delisle
lem9 at users.sourceforge.net
Fri Jul 13 21:07:06 CEST 2001
Armel FAUVEAU a écrit :
>
> Hi all,
>
> > what are the privileges required for a normal user X to be able to use
> > the bookmark features?
> >
> > I added select, insert, update, delete, index, alter to this user X for
> > database bookmark, table bookmark, and he does not see the bookmarks.
> >
> > However a user A with global privileges was able to create bookmarks on
> > the database X.
> >
> > User X, in mysql, can see the bookmarks.
>
> I think that your config.inc.php look like this :
>
> $cfgServers[1]['host'] = 'localhost';
> $cfgServers[1]['port'] = '';
> $cfgServers[1]['adv_auth'] = true;
> $cfgServers[1]['stduser'] = 'xxxx';
> $cfgServers[1]['stdpass'] = 'yyyy';
> $cfgServers[1]['user'] = '';
> $cfgServers[1]['password'] = '';
> $cfgServers[1]['only_db'] = '';
> $cfgServers[1]['verbose'] = '';
> $cfgServers[1]['bookmarkdb'] = 'bookmarkdb';
> $cfgServers[1]['bookmarktable'] = 'bookmarktable';
>
> This not work :(
>
> If you want to use bookmark in adv_auth for others users, you must add a new
> $cfgServer section :
>
> $cfgServers[2]['host'] = 'localhost';
> $cfgServers[2]['port'] = '';
> $cfgServers[2]['adv_auth'] = true;
> $cfgServers[2]['stduser'] = 'anotheruser';
> $cfgServers[2]['stdpass'] = 'anotherpass';
> $cfgServers[2]['user'] = '';
> $cfgServers[2]['password'] = '';
> $cfgServers[2]['only_db'] = '';
> $cfgServers[2]['verbose'] = '';
> $cfgServers[2]['bookmarkdb'] = 'bookmarkdb';
> $cfgServers[2]['bookmarktable'] = 'bookmarktable';
>
> Yes, it's not perfect :(
> But, because of security, i think it's much better (all users don't share
> the same bookmark table).
> If you are another idea, i'm opened :)
>
Armel,
Ok you mean that in a multi-user environment, I would need a different
cfgServers
section for each user? This is not very practical for hundreds of
users.
Maybe we could have a central bookmark base+table, with an additional
field (the user),
and a special connection to the database with stduser/stdpass (with a
stduser that
had rights to the central bookmark base and table). Then we would avoid
giving each
users the right to a central bookmark base+table.
In the meantime, can you update Documentation.html to indicate that in
phpMyAdmin 2.2.0,
the bookmark feature is only intended for basic auth?
Marc
More information about the Developers
mailing list